Vulnerabilities > CVE-2006-5085 - Remote Command Execution vulnerability in Pixel Motion Pixel Motion Blog 2.1.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Static code injection vulnerability in config.php in Blog Pixel Motion 2.1.1 allows remote attackers to execute arbitrary PHP code via the nom_blog parameter, which is injected into include/variables.php.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Blog Pixel Motion 2.1.1 PHP Code Execution / Create Admin Exploit. CVE-2006-5085,CVE-2006-5086. Webapps exploit for php platform |
id | EDB-ID:2441 |
last seen | 2016-01-31 |
modified | 2006-09-27 |
published | 2006-09-27 |
reporter | DarkFig |
source | https://www.exploit-db.com/download/2441/ |
title | Blog Pixel Motion 2.1.1 PHP Code Execution / Create Admin Exploit |